Re: getaddrinfo(3) chroot(2) with root
Denis Fondras wrote: Hello all, I am burning my last neurons with a behavior I can't explain. I wonder why getaddrinfo() fails when called after chroot() with root user. I have this piece of code : ... error = getaddrinfo(rpki.liopen.eu, NULL, NULL, ai_out); if (error) printf(getaddrinfo() failed\n); else printf(getaddrinfo() succeed\n); ... Apart from the other suggestions you got, I'm wandering why don't you try to get more information about the error using the gai_strerror(3) function ? (like in the example of getaddrinfo(3))
Re: getaddrinfo(3) chroot(2) with root
On Wed, May 14, 2014 at 07:41:47PM +0200, Denis Fondras wrote: After chroot, /etc/resolv.conf is no longer available. Thank you very much Ted Vadim. Other daemons like ntpd have a helper process that runs outside chroot and does all of the DNS resolution for them. Ok, I'll look on this side. Thank you, Denis A quick way to solve this (but an administrative headache) is to create etc/resolv.conf in your chroot. -Otto
Re: Weird tmux pane separator chars in wsconsole
On Wed 14/05, Alessandro DE LAURENZIS wrote: Hello, I'm trying to configure tmux on OBSD 5.5 in console (no X11). My laptop is a Thinkpad R61 equipped with an Intel GM965 video card, so I'm in KMS mode, if that matters. The problem is that when I split a windows in two or more panes, the separators are characters, both horizontally and vertically (instead of | and -). Strangely enough, if I enable UTF-8 (which is, to my best understanding, not supported in console), the separators change to , so for sure there is an impact of the encoding... It's worth noting that in Xterm all works as expected. After further investigation and searching, this seems to be related to some kind of mismatch between OBSD console and the terminfo database entry being used by tmux. Maybe the terminfo db indicates that ACS is available, but wsconsole is not actually respecting the specified control sequences? Un-setting the ACS features, tmux is forced to fall back to ASCII line drawing, and the problem disappears: ~/.tmux.conf set-option -g terminal-overrides ',*vt*:enacs@:smacs@:rmacs@:acsc@' In any case, UTF-8 encoding must be switched off. I'm not an expert, so I don't think I can do more than this... I really hope in your comments. Cheers -- Alessandro DE LAURENZIS [mailto:just22@gmail.com] LinkedIn: http://it.linkedin.com/in/delaurenzis
Re: something fishy with portmapper on i386 snapshot?
On Tue, 13 May 2014, Sebastian Reitenbach wrote: I've installed a i386 soekris box (10.0.0.27, called wormhole) from current snapshot, and trying to netboot a vax and a sparc, but I guess, they don't get to the bootparamd. Actually, there's a trick involved and they don't *directly* do so. Instead, their request to portmap is a call this proc in this other service request, for which portmap relays back the answer. ... With tcpdump I've seen, what I guess its getting rarp information correctly, then broadcasting to try to find the bootparamd, the portmapper on my box answers, and then its what I guess trying to contact the bootparamd, but this fails. As I guess, its trying to contact the bootparamd on UDP port 639, but there is nothing listen, bootparamd is listening on UDP 805. Does the portmapper give out the wrong port? root@wormhole:~# tcpdump -n -i vr0 -e -ttt -vvv -s 2000 -X host 10.0.0.30 tcpdump: listening on vr0, link-type EN10MB May 13 09:01:54.903204 00:00:24:c9:d4:98 08:00:2b:2d:33:2c 8035 42: rarp reply 08:00:2b:2d:33:2c at 10.0.0.30 : 0800 2b2d 332c 24c9 d498 8035 0001 ..+-3,..$5.. 0010: 0800 0604 0004 24c9 d498 0a00 001b $... 0020: 0800 2b2d 332c 0a00 001e ..+-3, May 13 09:01:54.941453 08:00:2b:2d:33:2c ff:ff:ff:ff:ff:ff 0800 138: 10.0.0.30.986 255.255.255.255.111: [udp sum ok] udp 96 (ttl 4, id 0, len 124) : 0800 2b2d 332c 0800 4500 +-3,..E. 0010: 007c 0411 ac54 0a00 001e .|...T.. 0020: 03da 006f 0068 e2d6 0027 .o.h.'.. 0030: 0002 0001 86a0 0002 0040: 0005 0001 0014 0050: 0060: 0001 86ba 0001 0070: 0001 0014 0001 000a 0080: 001e .. the broadcast to the portmapper That's the call bootparam's 'whoami' call for me request. The 0005 at offset 040 is PMAPPROC_CALLIT, etc. May 13 09:01:54.949153 00:00:24:c9:d4:98 08:00:2b:2d:33:2c 0800 110: 10.0.0.27.111 10.0.0.30.986: [bad udp cksum 9f2d!] udp 68 (ttl 64, id 49240, len 96, bad cksum 0! differs by a5fc) : 0800 2b2d 332c 24c9 d498 0800 4500 ..+-3,..$.E. 0010: 0060 c058 4011 0a00 001b 0a00 .`.X..@. 0020: 001e 006f 03da 004c 1496 0027 ...o...L.'.. 0030: 0001 0040: 0325 0024 0008 6461 .%...$da 0050: 6564 616c 7573 0001 edalus.. 0060: 007f 0001 .. the answer ...from bootparamd, relayed by portmap. Note that it contains the client_name (daedalus) you would expect to get back from bootparamd. That's confirmed by the vax boot saying: boot: client name: daedalus One odd bit is that it looks like the router_address is 127.0.0.0, which seems odd. But maybe I'm decoding the RPC by eyeball incorrectly. More importantly, we can see the correct bootparam port number in portmapper's reply: 0x0325 (at offset 0044) == 805. That value is (supposed to be) remember by boot and used as the port to which to send the direct bootparam getfile query. May 13 09:01:54.980649 08:00:2b:2d:33:2c 00:00:24:c9:d4:98 0800 122: 10.0.0.30.985 10.0.0.27.639: [udp sum ok] udp 80 (ttl 4, id 0, len 108) Hmm, could you verify that the VAX boot block you're using was compiled with a gcc that was built with miod@'s April 12th fix to gnu/usr.bin/gcc/gcc/protector.c ? Philip Guenther
ha firewall hardware suggestions
Hi OpenBSD hackers, At work we have a firewall on two Dell PowerEdge 2940 servers, with 10 NIC's in use, which I want to substiute in the near future. The second machine act as cold standby. I would like to use OpenBSD pf and carp/pfsync to make a ha firewall. I further want to use an embedded system to reduce heat and power consumption in our server room. What hardware would you suggest? Would a Soekris net6501-30 with two lan1841 be powerful enough to route and filter ip traffic for 50 clients in the LAN and 50 servers in the DMZ with a 300 Mbit uplink? Is there any other embedded system supported by OpenBSD with at least 9 gigabit ethernet network interfaces? Any octeon system available? Thanks in advance for any suggestion. best regards Waldemar
Re: wildcards for principals when generating ssh certificate
On Wed, May 14, 2014 at 1:40 AM, Jiri B ji...@devio.us wrote: is it possible to have a wildcard in principals when generating user certificate? From reading ssh/key.c:key_cert_check_authority(), I would say that name matching of principals is exact only, without wildcards. Philip Guenther
Re: cron reload
On Wed, May 14, 2014 at 1:26 AM, Tomek WaÅaszek tmwalas...@gmail.comwrote: Sorry for the top post I'm just trying to understand why there is a unix-domain socket for reloading the cron if without the socket (rm /var/cron/tabs/.sock) cron will reload new jobs. If you're wondering why the developer added it, you should check the commit logs. Since OpenBSD's cron is derived from Vixie cron, you may need to dig through the Vixie cron changelogs. If you're wondering why it still uses a unix-domain socket: 1) the socket is used for more than just reload. check the source for the details 2) will the periodic scan notice a change if the clock jumps between the change and the scan? What if the scan happens at the same moment as the change? what if there are two changes in the same second, and the scan takes place between them? How confident are you that the scan doesn't have a corner case? 3) is there a problem with it? Philip Guenther
Re: Weird tmux pane separator chars in wsconsole
Looks like VGA console doesn't support the characters wscons tries to use for ACS, at least not with an ISO font encoding and I can't see if it's possible to change it to an IBM font. I suspect nuking acsc with terminal-overrides is the best you're going to be able to do. On Thu, May 15, 2014 at 08:11:47AM +0200, Alessandro DE LAURENZIS wrote: On Wed 14/05, Alessandro DE LAURENZIS wrote: Hello, I'm trying to configure tmux on OBSD 5.5 in console (no X11). My laptop is a Thinkpad R61 equipped with an Intel GM965 video card, so I'm in KMS mode, if that matters. The problem is that when I split a windows in two or more panes, the separators are characters, both horizontally and vertically (instead of | and -). Strangely enough, if I enable UTF-8 (which is, to my best understanding, not supported in console), the separators change to , so for sure there is an impact of the encoding... It's worth noting that in Xterm all works as expected. After further investigation and searching, this seems to be related to some kind of mismatch between OBSD console and the terminfo database entry being used by tmux. Maybe the terminfo db indicates that ACS is available, but wsconsole is not actually respecting the specified control sequences? Un-setting the ACS features, tmux is forced to fall back to ASCII line drawing, and the problem disappears: ~/.tmux.conf set-option -g terminal-overrides ',*vt*:enacs@:smacs@:rmacs@:acsc@' In any case, UTF-8 encoding must be switched off. I'm not an expert, so I don't think I can do more than this... I really hope in your comments. Cheers -- Alessandro DE LAURENZIS [mailto:just22@gmail.com] LinkedIn: http://it.linkedin.com/in/delaurenzis
lemote yeelong compile time
Hello, As advised in this thread: http://marc.info/?l=openbsd-armm=139894585630709w=2 I am looking for a netbook that would suit my needs. I am currently hesitating between buying an Acer aspire One 725 and a Lemote Yeelong. Yeelong is more open-source, I like the lack of closed BIOS. Unfortunately, some (heavy) binaries I would need are not in mips64el,such as icedtea-web or conkeror, both needed to browse on-line libraries djvu. I think I should stick with FAQ suggestions of avoiding compilations and choose an amd64, but to be sure: How long would Yeelong compile heavy apps from ports like jdk? Thanks, Damien Thiriet
Re: ha firewall hardware suggestions
On May 15, 2014 2:29:00 AM EDT, Waldemar Brodkorb m...@waldemar-brodkorb.de wrote: Hi OpenBSD hackers, At work we have a firewall on two Dell PowerEdge 2940 servers, with 10 NIC's in use, which I want to substiute in the near future. The second machine act as cold standby. I would like to use OpenBSD pf and carp/pfsync to make a ha firewall. I further want to use an embedded system to reduce heat and power consumption in our server room. What hardware would you suggest? Would a Soekris net6501-30 with two lan1841 be powerful enough to route and filter ip traffic for 50 clients in the LAN and 50 servers in the DMZ with a 300 Mbit uplink? Is there any other embedded system supported by OpenBSD with at least 9 gigabit ethernet network interfaces? Any octeon system available? Thanks in advance for any suggestion. best regards Waldemar Err... 10 NICs and Reduce Power Heat don't usually belong together in the same thought. You may want to consider using a dual-NIC server with VLANs and a 24-port fully managed switch to accomplish the same thing. -Adam -- Sent from my Android device with K-9 Mail. Please excuse my brevity.
Re: lemote yeelong compile time
On 05/15/14 07:32, dam...@thiriet.web4me.fr wrote: Hello, As advised in this thread: http://marc.info/?l=openbsd-armm=139894585630709w=2 I am looking for a netbook that would suit my needs. I am currently hesitating between buying an Acer aspire One 725 and a Lemote Yeelong. Yeelong is more open-source, I like the lack of closed BIOS. Unfortunately, some (heavy) binaries I would need are not in mips64el,such as icedtea-web or conkeror, both needed to browse on-line libraries djvu. Both of these depend on xulrunner, which doesn't build on mips64el. I think I should stick with FAQ suggestions of avoiding compilations and choose an amd64, but to be sure: How long would Yeelong compile heavy apps from ports like jdk? jdk-1.7 took about one second on my yeeloong: $ cd /usr/ports/devel/jdk/1.7/ make build == jdk-1.7.0.55p1v0 is only for i386 amd64, not mips64el (loongson) . Of course, at the end of that second, I didn't have Java. The yeeloongs are a single core 800 MHz machine. Building things will take much much longer than you're used to if you've only been using modern i386/amd64 machines. I think you need to reevaluate what you're looking for in a machine. Thanks, Damien Thiriet
Re: ha firewall hardware suggestions
Hi, Adam Thompson wrote, At work we have a firewall on two Dell PowerEdge 2940 servers, with 10 NIC's in use, which I want to substiute in the near future. The second machine act as cold standby. Err... 10 NICs and Reduce Power Heat don't usually belong together in the same thought. I do not agree here. The Dell servers have two redundant power supplies with 400 watt each. The soekris board uses only 40 watt power supplies. You may want to consider using a dual-NIC server with VLANs and a 24-port fully managed switch to accomplish the same thing. We already have two 48 port HP5500 managed switches with IRF configured. The firewall uses two nics configured as trunking/bonding with LACP for three networks. I don't think the performance would be good if I transfer all the ip traffic over a dual port system with one VLAN trunking port on the internal network. best regards Waldemar
Re: ha firewall hardware suggestions
On 2014-05-15, Waldemar Brodkorb m...@waldemar-brodkorb.de wrote: Hi OpenBSD hackers, At work we have a firewall on two Dell PowerEdge 2940 servers, with 10 NIC's in use, which I want to substiute in the near future. The second machine act as cold standby. I would like to use OpenBSD pf and carp/pfsync to make a ha firewall. I further want to use an embedded system to reduce heat and power consumption in our server room. What hardware would you suggest? Would a Soekris net6501-30 with two lan1841 be powerful enough to route and filter ip traffic for 50 clients in the LAN and 50 servers in the DMZ with a 300 Mbit uplink? Is there any other embedded system supported by OpenBSD with at least 9 gigabit ethernet network interfaces? Any octeon system available? Thanks in advance for any suggestion. best regards Waldemar As a minimum I think you want the fastest of the 6501, but even then if it works at all for this amount of traffic (which depends on traffic mix, ruleset, what services are run on the system; vpn etc) you will have little headroom to handle attacks with high pps (or even some normal traffic, heavy voip etc). Also, though I'm not quite sure how the PCIe lane speed translates to total network throughput, the 1.0a lanes on the processor the 6501 uses have a data rate of 250MByte/s (2Gbit/s) so it seems they would be at 2x oversubscribed if you have 4x1Gb on a lane, so I don't see trunking as being likely to improve total throughput. If you really need that many physical nic, a board with one of the new avoton c2xxx soc + 6-port pcie nic would perform a lot better. OpenBSD 5.5-current (GENERIC.MP) #126: Mon May 12 22:40:04 MDT 2014 t...@amd64.openbsd.org:/usr/src/sys/arch/amd64/compile/GENERIC.MP real mem = 8562782208 (8166MB) avail mem = 8326078464 (7940MB) mpath0 at root scsibus0 at mpath0: 256 targets mainbus0 at root bios0 at mainbus0: SMBIOS rev. 2.8 @ 0xe7180 (51 entries) bios0: vendor American Megatrends Inc. version 1.0b date 11/06/2013 bios0: Supermicro A1SAi acpi0 at bios0: rev 2 acpi0: sleep states S0 S5 acpi0: tables DSDT FACP FPDT SPMI MCFG WDAT UEFI APIC BDAT HPET SSDT HEST BERT ERST EINJ acpi0: wakeup devices PEX1(S0) PEX2(S0) PEX3(S0) EHC1(S0) acpitimer0 at acpi0: 3579545 Hz, 24 bits acpimcfg0 at acpi0 addr 0xe000, bus 0-255 acpimadt0 at acpi0 addr 0xfee0: PC-AT compat cpu0 at mainbus0: apid 0 (boot processor) cpu0: Intel(R) Atom(TM) CPU C2550 @ 2.40GHz, 2400.44 MHz cpu0: FPU,VME,DE,PSE,TSC,MSR,PAE,MCE,CX8,APIC,SEP,MTRR,PGE,MCA,CMOV,PAT,PSE36,CFLUSH,DS,ACPI,MMX,FXSR,SSE,SSE2,SS,HTT,TM,PBE,SSE3,PCLMUL,DTES64,MWAIT,DS-CPL,VMX,EST,TM2,SSSE3,CX16,xTPR,PDCM,SSE4.1,SSE4.2,MOVBE,POPCNT,DEADLINE,AES,RDRAND,NXE,LONG,LAHF,3DNOWP,PERF,ITSC,SMEP,ERMS cpu0: 1MB 64b/line 16-way L2 cache cpu0: smt 0, core 0, package 0 mtrr: Pentium Pro MTRR support, 8 var ranges, 88 fixed ranges cpu0: apic clock running at 99MHz cpu0: mwait min=64, max=64, C-substates=0.2.0.0.0, IBE cpu1 at mainbus0: apid 2 (application processor) cpu1: Intel(R) Atom(TM) CPU C2550 @ 2.40GHz, 2399.99 MHz cpu1: FPU,VME,DE,PSE,TSC,MSR,PAE,MCE,CX8,APIC,SEP,MTRR,PGE,MCA,CMOV,PAT,PSE36,CFLUSH,DS,ACPI,MMX,FXSR,SSE,SSE2,SS,HTT,TM,PBE,SSE3,PCLMUL,DTES64,MWAIT,DS-CPL,VMX,EST,TM2,SSSE3,CX16,xTPR,PDCM,SSE4.1,SSE4.2,MOVBE,POPCNT,DEADLINE,AES,RDRAND,NXE,LONG,LAHF,3DNOWP,PERF,ITSC,SMEP,ERMS cpu1: 1MB 64b/line 16-way L2 cache cpu1: smt 0, core 1, package 0 cpu2 at mainbus0: apid 4 (application processor) cpu2: Intel(R) Atom(TM) CPU C2550 @ 2.40GHz, 2399.99 MHz cpu2: FPU,VME,DE,PSE,TSC,MSR,PAE,MCE,CX8,APIC,SEP,MTRR,PGE,MCA,CMOV,PAT,PSE36,CFLUSH,DS,ACPI,MMX,FXSR,SSE,SSE2,SS,HTT,TM,PBE,SSE3,PCLMUL,DTES64,MWAIT,DS-CPL,VMX,EST,TM2,SSSE3,CX16,xTPR,PDCM,SSE4.1,SSE4.2,MOVBE,POPCNT,DEADLINE,AES,RDRAND,NXE,LONG,LAHF,3DNOWP,PERF,ITSC,SMEP,ERMS cpu2: 1MB 64b/line 16-way L2 cache cpu2: smt 0, core 2, package 0 cpu3 at mainbus0: apid 6 (application processor) cpu3: Intel(R) Atom(TM) CPU C2550 @ 2.40GHz, 2399.99 MHz cpu3: FPU,VME,DE,PSE,TSC,MSR,PAE,MCE,CX8,APIC,SEP,MTRR,PGE,MCA,CMOV,PAT,PSE36,CFLUSH,DS,ACPI,MMX,FXSR,SSE,SSE2,SS,HTT,TM,PBE,SSE3,PCLMUL,DTES64,MWAIT,DS-CPL,VMX,EST,TM2,SSSE3,CX16,xTPR,PDCM,SSE4.1,SSE4.2,MOVBE,POPCNT,DEADLINE,AES,RDRAND,NXE,LONG,LAHF,3DNOWP,PERF,ITSC,SMEP,ERMS cpu3: 1MB 64b/line 16-way L2 cache cpu3: smt 0, core 3, package 0 ioapic0 at mainbus0: apid 2 pa 0xfec0, version 20, 24 pins acpihpet0 at acpi0: 14318179 Hz acpiprt0 at acpi0: bus 0 (PCI0) acpiprt1 at acpi0: bus 1 (PEX1) acpiprt2 at acpi0: bus 2 (BR04) acpiprt3 at acpi0: bus 3 (PEX2) acpiprt4 at acpi0: bus 4 (PEX3) acpicpu0 at acpi0: C2, C1, PSS acpicpu1 at acpi0: C2, C1, PSS acpicpu2 at acpi0: C2, C1, PSS acpicpu3 at acpi0: C2, C1, PSS ipmi at mainbus0 not configured cpu0: Enhanced SpeedStep 2400 MHz: speeds: 2401, 2400, 2300, 2200, 2100, 2000, 1900, 1800, 1700, 1600, 1500, 1400, 1300, 1200 MHz pci0 at mainbus0 bus 0 pchb0 at pci0 dev 0 function 0 vendor Intel, unknown product 0x1f02 rev 0x02 ppb0 at pci0 dev 1
Re: Ssh key stopped working
On Thu, May 15, 2014 at 01:53:22PM +0200, Eivind Evensen wrote: On Sat, May 10, 2014 at 10:44:47PM +, Stuart Henderson wrote: On 2014-05-08, Eivind Evensen eivi...@terraplane.org wrote: Hello. After upgrading an i386 I can no longer login via ssh using the key I normally use. The server says in authlog: There have been a couple of bugs in -current recently that have broken ssh in various situations, please could you try an up-to-date snapshot and post again if it still happens? Thanks for the reply. I still see it: May 15 13:44:49 rev sshd[27321]: error: buffer_get_bignum2_ret: bignum is too large [preauth] May 15 13:44:49 rev sshd[27321]: error: key_from_blob: can't read rsa key [preauth] May 15 13:44:49 rev sshd[27321]: error: userauth_pubkey: cannot decode key: ssh-rsa [preauth] May 15 13:44:54 rev sshd[27321]: Connection closed by 10.10.10.8 [preauth] OpenBSD 5.5-current (GENERIC) #105: Mon May 12 21:43:29 MDT 2014 t...@i386.openbsd.org:/usr/src/sys/arch/i386/compile/GENERIC Another funny thing, trying to use ssh and the ssh-agent on an amd64 computer with the same key: .eval `ssh-agent -c` Agent pid 19739 .ssh-add -l The agent has no identities. .ssh-add Enter passphrase for /home/rumrunner/.ssh/id_rsa: Error reading response length from authentication socket. Could not add identity: /home/rumrunner/.ssh/id_rsa .ssh-add -l Could not open a connection to your authentication agent. But still: .ssh klump buffer_get_bignum2_ret: bignum is too large key_from_blob: can't read rsa key key_read: dump of key comes hereEnter passphrase for key '/home/rumrunner/.ssh/id_rsa': Last login: Fri May 9 17:37:27 2014 from elg it logs me in at this point No newline before the Enter passphrase... is how it was displayed. This is on: OpenBSD 5.5-current (GENERIC.MP) #126: Mon May 12 22:40:04 MDT 2014 t...@amd64.openbsd.org:/usr/src/sys/arch/amd64/compile/GENERIC.MP -- Eivind
Re: Ssh key stopped working
On Sat, May 10, 2014 at 10:44:47PM +, Stuart Henderson wrote: On 2014-05-08, Eivind Evensen eivi...@terraplane.org wrote: Hello. After upgrading an i386 I can no longer login via ssh using the key I normally use. The server says in authlog: There have been a couple of bugs in -current recently that have broken ssh in various situations, please could you try an up-to-date snapshot and post again if it still happens? Thanks for the reply. I still see it: May 15 13:44:49 rev sshd[27321]: error: buffer_get_bignum2_ret: bignum is too large [preauth] May 15 13:44:49 rev sshd[27321]: error: key_from_blob: can't read rsa key [preauth] May 15 13:44:49 rev sshd[27321]: error: userauth_pubkey: cannot decode key: ssh-rsa [preauth] May 15 13:44:54 rev sshd[27321]: Connection closed by 10.10.10.8 [preauth] OpenBSD 5.5-current (GENERIC) #105: Mon May 12 21:43:29 MDT 2014 t...@i386.openbsd.org:/usr/src/sys/arch/i386/compile/GENERIC -- Eivind
ftp.fr mirror is going down
Hi. The ftp.fr mirror is going down for an undefined period of time (could be forever). Please migrate to another mirror for the time being. Thank you and sorry for the inconvenience. -- Antoine
Where is my memory?
Hi folks, I'm running out of memory on a server causing packets drop and out of memory errors. I'm trying to found out what's exactly using the memory. There are few apps running on it, mainly bgpd, bind, and pf with lots of rules. Here is the top: load averages: 1.33, 1.46, 1.58 42 processes: 41 idle, 1 on processor CPU0 states: 1.5% user, 0.0% nice, 0.0% system, 6.2% interrupt, 92.3% idle CPU1 states: 0.0% user, 0.0% nice, 0.0% system, 0.0% interrupt, 100% idle CPU2 states: 6.1% user, 0.0% nice, 1.5% system, 0.0% interrupt, 92.4% idle CPU3 states: 1.5% user, 0.0% nice, 1.5% system, 0.0% interrupt, 97.0% idle Memory: Real: 240M/1925M act/tot Free: 44M Cache: 179M Swap: 0K/0K PID USERNAME PRI NICE SIZE RES STATE WAIT TIMECPU COMMAND 19420 _bgpd 20 256M 171M sleep/0 poll 58:41 0.00% bgpd 32589 named 20 51M 45M sleep/1 select1:43 1.07% named 22737 root 20 31M 15M sleep/2 poll 23:28 0.00% bgpd 8037 root 20 2744K 3552K sleep/0 poll 0:01 0.00% top 15600 root 20 2328K 3236K sleep/0 poll 0:00 0.00% sshd 29370 root 280 1424K 2692K onproc/2 - 0:00 0.00% top 1401 sshd 20 2280K 2416K sleep/3 select0:00 0.00% sshd 17142 root 20 3552K 2364K idle poll 0:00 0.00% sshd 19927 root 20 3608K 2356K idle poll 0:00 0.00% sshd 16261 root 20 3488K 2352K idle poll 0:00 0.00% sshd 3383 root 20 3620K 2348K idle poll 0:00 0.00% sshd 26521 _postfix 20 760K 1244K idle kqread0:08 0.00% qmgr 23263 _bgpd 20 1604K 1092K sleep/1 poll 32:12 0.05% bgpd 7108 _postfix 20 740K 956K sleep/1 kqread0:01 0.00% pickup 4606 root 20 736K 912K sleep/0 select 15:44 0.00% sshd 11798 root 20 656K 872K sleep/0 kqread0:35 0.00% master 23542 root 20 2108K 744K idle netio 0:00 0.00% named 14193 _ntp 20 592K 644K sleep/1 poll 0:02 0.00% ntpd 10715 root 180 872K 576K sleep/1 pause 0:00 0.00% ksh 3788 root 20 680K 564K idle select0:07 0.00% cron 7999 root 30 656K 496K idle ttyin 0:00 0.00% ksh 30235 root 20 532K 460K idle poll 0:00 0.00% ntpd 986 root 180 640K 284K idle pause 0:00 0.00% ksh 10463 root 30 724K 252K idle ttyin 0:13 0.00% ksh 4772 _pflogd40 840K 216K sleep/0 bpf 4:14 0.00% pflogd 1 root 100 544K 140K sleep/1 wait 7:06 0.00% init 9208 root 30 472K 84K idle ttyin 0:00 0.00% getty 4491 root 30 468K 84K idle ttyin 0:00 0.00% getty 25909 root 30 332K 84K idle ttyin 0:00 0.00% getty 32602 root 30 412K 80K idle ttyin 0:00 0.00% getty 26445 root 30 376K 80K idle ttyin 0:00 0.00% getty 6774 _ntp 20 712K 44K idle poll 0:00 0.00% ntpd 28723 _sndio 2 -20 424K 44K idle poll 0:00 0.00% sndiod 22771 root 20 776K4K idle netio 0:00 0.00% pflogd So apps are using around 200M of RAM but where is the rest? vmstat is not very useful for me, or maybe i'm not able to understand it. And here is the vmstat: # vmstat -mMemory statistics by bucket sizeSize In Use Free Requests HighWater Couldfree 1673921 36159 1863429121280 1304 32 495887 31729 44150371 640391 6421073 4399 59057342 320 5757 128 7082118 106221201 160 408977 256 893 1363 132025121 80 13813707 512 1390322 18595792 403078707 1024 532508 786137048 20 2430418652048 36 58 242119 10 1899434096 538 41792143 5 08192 24 10 1151219 51117534 16384 169 0 168959 5 0 327688 0 68 5 0 655362 0 2 5 0 1310721 0 1 5 0Memory usage type by bucket sizeSize Type(s) 16 devbuf, pcb, routetbl, UFS mount, dirhash, ACPI, file desc, exec, pfkey data, xform_data, UVM amap, UVM aobj, USB, USB device, temp 32 devbuf, pcb, routetbl, ifaddr, vnodes, sem, dirhash, ACPI, in_multi, exec, pfkey data, UVM amap, USB, USB device, packet tags, ip6_options, temp 64 devbuf, pcb, routetbl, ifaddr, sysctl, vnodes, UFS mount, dirhash, ACPI, proc, VFS cluster, in_multi, ether_multi, VM swap, UVM amap, USB, USB device, NDP, temp 128 devbuf, pcb, routetbl, ifaddr, mount, sem, dirhash, ACPI, NFS srvsock,
Re: Where is my memory?
On 2014-05-15, Tristan PILAT tristan.pi...@gmail.com wrote: So apps are using around 200M of RAM but where is the rest? vmstat is not very useful for me, or maybe i'm not able to understand it. The information might be in here but the line-wrapping makes it unreadable. It would also be useful to include netstat -m. Can you try with a newer OpenBSD version? 5.2 is a bit old ..
Re: Where is my memory?
Quoting Tristan PILAT tristan.pi...@gmail.com: Hi folks, I'm running out of memory on a server causing packets drop and out of memory errors. I'm trying to found out what's exactly using the memory. There are few apps running on it, mainly bgpd, bind, and pf with lots of rules. Here is the top: load averages: 1.33, 1.46, 1.58 42 processes: 41 idle, 1 on processor CPU0 states: 1.5% user, 0.0% nice, 0.0% system, 6.2% interrupt, 92.3% idle CPU1 states: 0.0% user, 0.0% nice, 0.0% system, 0.0% interrupt, 100% idle CPU2 states: 6.1% user, 0.0% nice, 1.5% system, 0.0% interrupt, 92.4% idle CPU3 states: 1.5% user, 0.0% nice, 1.5% system, 0.0% interrupt, 97.0% idle Memory: Real: 240M/1925M act/tot Free: 44M Cache: 179M Swap: 0K/0K Have you tried running without the mp kernel? I know, it sounds like a waste on an mp machine, but just sayin'... -mike
Re: Where is my memory?
2014-05-15 18:36 GMT+02:00 Mike Jackson m...@netauth.com: Quoting Tristan PILAT tristan.pi...@gmail.com: Hi folks, I'm running out of memory on a server causing packets drop and out of memory errors. I'm trying to found out what's exactly using the memory. There are few apps running on it, mainly bgpd, bind, and pf with lots of rules. Here is the top: load averages: 1.33, 1.46, 1.58 42 processes: 41 idle, 1 on processor CPU0 states: 1.5% user, 0.0% nice, 0.0% system, 6.2% interrupt, 92.3% idle CPU1 states: 0.0% user, 0.0% nice, 0.0% system, 0.0% interrupt, 100% idle CPU2 states: 6.1% user, 0.0% nice, 1.5% system, 0.0% interrupt, 92.4% idle CPU3 states: 1.5% user, 0.0% nice, 1.5% system, 0.0% interrupt, 97.0% idle Memory: Real: 240M/1925M act/tot Free: 44M Cache: 179M Swap: 0K/0K Have you tried running without the mp kernel? I know, it sounds like a waste on an mp machine, but just sayin'... The thing is that it's not possible to reboot the machine right now... Maybe later. netstat -m out : 190 mbufs allocated to data 6 mbufs allocated to packet headers 25 mbufs allocated to socket names and addresses 189/1126/6144 mbuf 2048 byte clusters in use (current/peak/max) 0/8/6144 mbuf 4096 byte clusters in use (current/peak/max) 0/8/6144 mbuf 8192 byte clusters in use (current/peak/max) 0/8/6144 mbuf 9216 byte clusters in use (current/peak/max) 0/8/6144 mbuf 12288 byte clusters in use (current/peak/max) 0/8/6144 mbuf 16384 byte clusters in use (current/peak/max) 0/8/6144 mbuf 65536 byte clusters in use (current/peak/max) 2980 Kbytes allocated to network (14% in use) 0 requests for memory denied 0 requests for memory delayed 0 calls to protocol drain routines
Re: lemote yeelong compile time
On 2014-05-15, dam...@thiriet.web4me.fr dam...@thiriet.web4me.fr wrote: Unfortunately, some (heavy) binaries I would need are not in mips64el,such as icedtea-web or conkeror, both needed to browse on-line libraries djvu. I think I should stick with FAQ suggestions of avoiding compilations and choose an amd64, but to be sure: How long would Yeelong compile heavy apps from ports like jdk? If the packages are not available from ftp.openbsd.org, the most likely reason is that they simply don't build on mips64el, so compiling them yourself isn't an option. -- Christian naddy Weisgerber na...@mips.inka.de
Re: Weird tmux pane separator chars in wsconsole
On Thu 15/05, Nicholas Marriott wrote: Looks like VGA console doesn't support the characters wscons tries to use for ACS, at least not with an ISO font encoding and I can't see if it's possible to change it to an IBM font. I suspect nuking acsc with terminal-overrides is the best you're going to be able to do. Hello Nicholas, Thank you for your confirmation. Cheers -- Alessandro DE LAURENZIS [mailto:just22@gmail.com] LinkedIn: http://it.linkedin.com/in/delaurenzis
proposed speedup for diff -q
Proposed enhancement to diff:
diff of two very different files can take a very long time
and a lot of memory.
diff -q uses the same algorithm even though the status is
known at the first difference.
I propose ending the comparison at the first difference if
diff is invoked with -q
diff is not invoked with -w, -i, or -b
The changes pass the regression tests and all the tests I've tried.
I believe the changes are not machine dependent.
I invite criticism and counterexamples.
Example:
$ ls -l trash.120403 trash.120711
-rw--- 1 gwes users 249686538 Apr 3 2012 trash.120403
-rw-r--r-- 1 gwes users 142356923 Jul 11 2012 trash.120711
$ time diff -q trash.120403 trash.120711
diff:
1m51.52s real 1m47.66s user 0m2.46s system
top output:
load averages: 1.02, 0.91, 0.58.oat.com 15:41:54
49 processes: 47 idle, 2 on processor
CPU0 states: 0.0% user, 0.0% nice, 0.0% system, 0.0% interrupt, 100% idle
CPU1 states: 98.4% user, 0.0% nice, 1.6% system, 0.0% interrupt, 0.0% idle
Memory: Real: 403M/785M act/tot Free: 796M Cache: 312M Swap: 0K/1248M
PID USERNAME PRI NICE SIZE RES STATE WAIT TIMECPU COMMAND
18740 gwes 570 362M 333M onproc/1 biowait 1:05 95.61% diff
$ time work/newdiff/diff -q trash.120403 trash.120711
Files trash.120403 and trash.120711 differ
0m0.00s real 0m0.00s user 0m0.00s system
The code changes
$ diff -u diff.h work/newdiff/diff.h
--- diff.h Thu May 15 16:29:15 2014
+++ work/newdiff/diff.h Thu May 15 15:57:30 2014
@@ -64,6 +64,10 @@
#define D_PROTOTYPE0x080 /* Display C function prototype */
#define D_EXPANDTABS 0x100 /* Expand tabs to spaces */
#define D_IGNOREBLANKS 0x200 /* Ignore white space changes */
+ /* test for possible return at first difference
*/
+#define CANBRIEFRETURN(flags) (((flags) (D_FOLDBLANKS | D_IGNORECASE \
+ | D_IGNOREBLANKS \
+ )) == 0)
/*
* Status values for print_status() and diffreg() return values
$ diff -u diffreg.c work/newdiff/diffreg.c
--- diffreg.c Thu May 15 16:29:15 2014
+++ work/newdiff/diffreg.c Thu May 15 16:31:19 2014
@@ -366,6 +366,15 @@
status |= 1;
goto closem;
}
+ if ((diff_format == D_BRIEF) CANBRIEFRETURN(flags)) {
+ anychange = 1;
+ if (flags D_HEADER) {
+ diff_output(%s %s %s\n, \
+ diffargs, file1, file2);
+ flags = ~D_HEADER;
+ }
+ goto closem;
+ }
if (lflag) {
/* redirect stdout to pr */
int pfd[2];
OT: Does OpenBSD run on SuperMicro MicroCloud models, and may be on 5037MC-H12TRF
Hi, Sorry for the off topic question, but I don't know any other way to find out. Google didn't provide much answer on this model yet for OpenBSD. Does anyone may had a chance to know or test if that unit can run OpenBSD properly yet? I have to asked as to get that unit, you can't get only the rack and one module to test, but this come as full unit only and configure as it maybe good cost 15K up 23K depend on model below. So I would like to know before I get one obviously... SuperServer 5037MC-H12TRF http://www.supermicro.com/products/system/3U/5037/SYS-5037MC-H12TRF.cfm I was also looking at these two if the above one wasn't supported. But if I remember the Atom SoC one is not working on OpenBSD yet, but I could be wrong. SuperServer 5038MA-H24TRF http://www.supermicro.com/products/system/3U/5038/SYS-5038MA-H24TRF.cfm A+ Server 3012MA-H12TRF http://www.supermicro.com/Aplus/system/3U/3012/AS-3012MA-H12TRF.cfm Fell free to answer off list as to not pollute this, or on list if others are interested to know. I would very much appreciate feedback good/bad on any SuperMicro MicroCloud model(s) and as well on the management of it if anyone had a chance to play with them? Many thanks in advance for your time. Daniel
Re: OT: Does OpenBSD run on SuperMicro MicroCloud models, and may be on 5037MC-H12TRF
Daniel Ouellet [dan...@presscom.net] wrote: SuperServer 5037MC-H12TRF http://www.supermicro.com/products/system/3U/5037/SYS-5037MC-H12TRF.cfm Looks like this is like a lot of the other X9 series SuperMicro motherboards and is supported just as well as they are (pretty well) I was also looking at these two if the above one wasn't supported. But if I remember the Atom SoC one is not working on OpenBSD yet, but I could be wrong. SuperServer 5038MA-H24TRF http://www.supermicro.com/products/system/3U/5038/SYS-5038MA-H24TRF.cfm A+ Server 3012MA-H12TRF http://www.supermicro.com/Aplus/system/3U/3012/AS-3012MA-H12TRF.cfm I think this stuff is supported now (except for the odd server graphics chip having accelerated support in X11). At least the i350 and i354 are working now. I would very much appreciate feedback good/bad on any SuperMicro MicroCloud model(s) and as well on the management of it if anyone had a chance to play with them? For a graphics application the X10SBA might be interesting once bay trail drm is ported from a newer linux. There are plenty of atoms that work fine now.
